<?php 

/**

 * [WeEngine System] Copyright (c) 2014 WE7.CC

 * WeEngine is NOT a free software, it under the license terms, visited http://www.qincewang.com/ for more details.

 */

$_W['page']['title'] = '工具 - 系统管理';

$dos = array('bom', 'scan');

$do = in_array($do, $dos) ? $do : 'bom';



if($do == 'bom') {

	if(checksubmit('submit')) {

		set_time_limit(0);

		load()->func('file');

		$path = IA_ROOT;

		$trees = file_tree($path);

		$bomtree = array();

		foreach($trees as $tree) {

			$tree = str_replace($path, '', $tree);

			$tree = str_replace('\\', '/', $tree);

			if(strexists($tree, '.php')) {

				$fname = $path . $tree;

				$fp = fopen($fname, 'r');

				if(!empty($fp)) {

					$bom = fread($fp, 3);

					fclose($fp);

					if($bom == "\xEF\xBB\xBF") {

						$bomtree[] = $tree;

					}

				}

			}

		}

		cache_write('bomtree', $bomtree);

	}

	if (checksubmit('dispose')) {

		$trees = cache_load('bomtree');

		$path = IA_ROOT;

		foreach($trees as $tree) {

			$fname = $path . $tree;

			$string = file_get_contents($fname);

			$string = substr($string, 3);

			file_put_contents($fname, $string);

			fclose($fp);

		}

		cache_delete('bomtree');

	}

	template('system/bom');

}



if($do == 'scan') {

	$op = trim($_GPC['op']) ? trim($_GPC['op']) : 'post';

	if($op == 'post') {

		$config = iunserializer(cache_read('scan:config'));

		$list = glob(IA_ROOT.'/*', GLOB_NOSORT);

		$ignore = array();

		foreach($list as $key => $li) {

			if(in_array(basename($li), $ignore)) {

				unset($list[$key]);

			}

		}



		$safe = array (

			'file_type' => 'php|js',

			'code' => 'weidongli|sinaapp|safedog',

			'func' => 'com|system|exec|eval|escapeshell|cmd|passthru|base64_decode|gzuncompress',

			'dir' => '',

		);



		if(checksubmit('submit')) {

			if(empty($_GPC['dir'])) {

				message('请选择要扫描的目录', referer(), 'success');

			}

			foreach($_GPC['dir'] as $k => $v) {

				if(in_array(basename($v), $ignore)) {

					unset($_GPC['dir'][$k]);

				}

			}

						$info['file_type'] = 'php|js';

			$info['func'] = trim($_GPC['func']) ? trim($_GPC['func']) : 'com|system|exec|eval|escapeshell|cmd|passthru|base64_decode|gzuncompress';

			$info['code'] = trim($_GPC['code']) ? trim($_GPC['code']) : 'weidongli|sinaapp';

			$info['md5_file'] = trim($_GPC['md5_file']);

			$info['dir'] = $_GPC['dir'];

			cache_delete('scan:config');

			cache_delete('scan:file');

			cache_delete('scan:badfile');

			cache_write('scan:config', iserializer($info));

			message("配置保存完成，开始文件统计。。。", url('system/tools/scan', array('op' => 'count')), 'success');

		}

	}



	if($op == 'count') {

		load()->func('file');

		set_time_limit(0);

		$files = array();

		$config = iunserializer(cache_read('scan:config'));

		if(empty($config)) {

			message('获取扫描配置失败', url('system/tools/scan'), 'error');

		}

		$config['file_type'] = explode('|', $config['file_type']);

		$list_arr = array();

		foreach($config['dir'] as $v) {

			if(is_dir($v)) {

				if(!empty($config['file_type'])) {

					foreach ($config['file_type'] as $k) {

						$list_arr = array_merge($list_arr, file_lists($v . '/', 1, $k, 0, 1, 1));

					}

				}

			} else {

				$list_arr = array_merge($list_arr, array(str_replace(IA_ROOT . '/', '', $v) => md5_file($v)));

			}

		}

		unset($list_arr['data/config.php']);

		$list_arr = iserializer($list_arr);

		cache_write('scan:file', $list_arr);

		message("文件统计完成，进行特征函数过滤。。。", url('system/tools/scan', array('op' => 'filter_func')), 'success');

	}



	if($op == 'filter_func') {

		@set_time_limit(0);

		$config = iunserializer(cache_read('scan:config'));

		$file = iunserializer(cache_read('scan:file'));

		if (isset($config['func']) && !empty($config['func'])) {

			foreach ($file as $key => $val) {

				$html = file_get_contents(IA_ROOT . '/' . $key);

				if(stristr($key, '.php.') != false || preg_match_all('/[^a-z]?('.$config['func'].')\s*\(/i', $html, $state, PREG_SET_ORDER)) {

					$badfiles[$key]['func'] = $state;

				}

			}

		}

		if(!isset($badfiles)) $badfiles = array();

		cache_write('scan:badfile', iserializer($badfiles));

		message("特征函数过滤完成，进行特征代码过滤。。。", url('system/tools/scan', array('op' => 'filter_code')), 'success');

	}

	if($op == 'filter_code') {

		@set_time_limit(0);

		$config = iunserializer(cache_read('scan:config'));

		$file = iunserializer(cache_read('scan:file'));

		$badfiles = unserialize(cache_read('scan:badfile'));

		if (isset($config['code']) && !empty($config['code'])) {

			foreach ($file as $key => $val) {

				if(!empty($config['code'])) {

					$html = file_get_contents(IA_ROOT . '/' . $key);

					if(stristr($key, '.php.') != false || preg_match_all('/[^a-z]?('.$config['code'].')/i', $html, $state, PREG_SET_ORDER)) {

						$badfiles[$key]['code'] = $state;

					}

				}

				if(strtolower(substr($key, -4)) == '.php' && function_exists('zend_loader_file_encoded') && zend_loader_file_encoded(IA_ROOT . '/' . $key)) {

					$badfiles[$key]['zend'] = 'zend encoded';

				}

				$html = '';

			}

		}

		cache_write('scan:badfile', iserializer($badfiles));

		message("特征代码过滤完成，进行加密文件过滤。。。", url('system/tools/scan', array('op' => 'encode')), 'success');

	}



	if($op == 'encode') {

		@set_time_limit(0);

		$file = iunserializer(cache_read('scan:file'));

		$badfiles = iunserializer(cache_read('scan:badfile'));



		foreach ($file as $key => $val) {

			if(strtolower(substr($key, -4)) == '.php') {

				$html = file_get_contents(IA_ROOT . '/' . $key);

				$token = token_get_all($html);

				$html = '';

				foreach($token as $to) {

					if(is_array($to) && $to[0] == T_VARIABLE) {

						$pre = preg_match("/([".chr(0xb0)."-".chr(0xf7)."])+/", $to[1]);

						if(!empty($pre)) {

							$badfiles[$key]['danger'] = 'danger';

							break;

						}

					}

				}

			}

		}

		cache_write('scan:badfile', iserializer($badfiles));

		message("扫描完成。。。", url('system/tools/scan', array('op' => 'display')), 'success');

	}



	if($op == 'display') {

		$badfiles = iunserializer(cache_read('scan:badfile'));

		if(empty($badfiles)) {

			message('没有找到扫描结果，请重新扫描',  url('system/tools/scan'), 'error');

		}

		unset($badfiles['data/config.php']);

		foreach($badfiles as $k => &$v) {

			$v['func_count'] = 0;

			if(isset($v['func'])) {

				$v['func_count'] = count($v['func']);

				foreach ($v['func'] as $k1 => $v1) {

					$d[$k1] = strtolower($v1[1]);

				}

				$d = array_unique($d);

				$v['func_str'] = implode(', ', $d);

			}

			$v['code_count'] = 0;

			if(isset($v['code'])) {

				$v['code_count'] = count($v['code']);

				foreach ($v['code'] as $k2 => $v2) {

					$d1[$k2] = strtolower($v2[1]);

				}

				$d1 = array_unique($d1);

				$v['code_str'] = implode(', ', $d1);

			}

		}

	}



	if($op == 'view') {

		$file = authcode(trim($_GPC['file'], 'DECODE'));

		$file_tmp = $file;

		if(empty($file) || strexists($file, './') || strexists($file, '../') || $file == 'data/config.php') {

			message('文件不存在', referer(), 'error');

		}

				$file_arr = explode('/', $file);

		$ignore = array('payment');



		if(is_array($file_arr) && in_array($file_arr[0], $ignore)) {

			message('系统不允许查看当前文件', referer(), 'error');

		}

		$file = IA_ROOT . '/' . $file;

		if(!is_file($file)) {

			message('文件不存在', referer(), 'error');

		}

		$badfiles = iunserializer(cache_read('scan:badfile'));

		$info = $badfiles[$file_tmp];

		unset($badfiles);



		if(!empty($info)) {

			$info['func_count'] = 0;

			if(isset($info['func'])) {

				$info['func_count'] = count($info['func']);

				foreach ($info['func'] as $k1 => $v1) {

					$d[$k1] = strtolower($v1[1]);

				}

				$d = array_unique($d);

				$info['func_str'] = implode(', ', $d);

			}

			$info['code_count'] = 0;

			if(isset($info['code'])) {

				$info['code_count'] = count($info['code']);

				foreach ($info['code'] as $k2 => $v2) {

					$d1[$k2] = strtolower($v2[1]);

				}

				$d1 = array_unique($d1);

				$info['code_str'] = implode(', ', $d1);

			}

		}

		$data = file_get_contents($file);

	}

	template('system/scan');

}







